|
version 1.1.1.1, 2012/02/17 15:09:30
|
version 1.1.1.2, 2013/10/14 07:51:14
|
|
Line 1
|
Line 1
|
| mailto(rsync-bugs@samba.org) |
mailto(rsync-bugs@samba.org) |
| manpage(rsyncd.conf)(5)(23 Sep 2011)()() | manpage(rsyncd.conf)(5)(28 Sep 2013)()() |
| manpagename(rsyncd.conf)(configuration file for rsync in daemon mode) |
manpagename(rsyncd.conf)(configuration file for rsync in daemon mode) |
| manpagesynopsis() |
manpagesynopsis() |
| |
|
|
Line 28 whitespace in module and parameter names is irrelevant
|
Line 28 whitespace in module and parameter names is irrelevant
|
| trailing whitespace in a parameter value is discarded. Internal whitespace |
trailing whitespace in a parameter value is discarded. Internal whitespace |
| within a parameter value is retained verbatim. |
within a parameter value is retained verbatim. |
| |
|
| Any line beginning with a hash (#) is ignored, as are lines containing | Any line bf(beginning) with a hash (#) is ignored, as are lines containing |
| only whitespace. | only whitespace. (If a hash occurs after anything other than leading |
| | whitespace, it is considered a part of the line's content.) |
| |
|
| Any line ending in a \ is "continued" on the next line in the |
Any line ending in a \ is "continued" on the next line in the |
| customary UNIX fashion. |
customary UNIX fashion. |
|
Line 78 You may also include any module parameters in the glob
|
Line 79 You may also include any module parameters in the glob
|
| config file in which case the supplied value will override the |
config file in which case the supplied value will override the |
| default for that parameter. |
default for that parameter. |
| |
|
| |
You may use references to environment variables in the values of parameters. |
| |
String parameters will have %VAR% references expanded as late as possible (when |
| |
the string is used in the program), allowing for the use of variables that |
| |
rsync sets at connection time, such as RSYNC_USER_NAME. Non-string parameters |
| |
(such as true/false settings) are expanded when read from the config file. If |
| |
a variable does not exist in the environment, or if a sequence of characters is |
| |
not a valid reference (such as an un-paired percent sign), the raw characters |
| |
are passed through unchanged. This helps with backward compatibility and |
| |
safety (e.g. expanding a non-existent %VAR% to an empty string in a path could |
| |
result in a very unsafe path). The safest way to insert a literal % into a |
| |
value is to use %%. |
| |
|
| startdit() |
startdit() |
| dit(bf(motd file)) This parameter allows you to specify a |
dit(bf(motd file)) This parameter allows you to specify a |
| "message of the day" to display to clients on each connect. This |
"message of the day" to display to clients on each connect. This |
| usually contains site information and any legal notices. The default |
usually contains site information and any legal notices. The default |
| is no motd file. |
is no motd file. |
| |
This can be overridden by the bf(--dparam=motdfile=FILE) |
| |
command-line option when starting the daemon. |
| |
|
| dit(bf(pid file)) This parameter tells the rsync daemon to write |
dit(bf(pid file)) This parameter tells the rsync daemon to write |
| its process ID to that file. If the file already exists, the rsync |
its process ID to that file. If the file already exists, the rsync |
| daemon will abort rather than overwrite the file. |
daemon will abort rather than overwrite the file. |
| |
This can be overridden by the bf(--dparam=pidfile=FILE) |
| |
command-line option when starting the daemon. |
| |
|
| dit(bf(port)) You can override the default port the daemon will listen on |
dit(bf(port)) You can override the default port the daemon will listen on |
| by specifying this value (defaults to 873). This is ignored if the daemon |
by specifying this value (defaults to 873). This is ignored if the daemon |
|
Line 104 details on some of the options you may be able to set.
|
Line 121 details on some of the options you may be able to set.
|
| special socket options are set. These settings can also be specified |
special socket options are set. These settings can also be specified |
| via the bf(--sockopts) command-line option. |
via the bf(--sockopts) command-line option. |
| |
|
| |
dit(bf(listen backlog)) You can override the default backlog value when the |
| |
daemon listens for connections. It defaults to 5. |
| |
|
| enddit() |
enddit() |
| |
|
| manpagesection(MODULE PARAMETERS) |
manpagesection(MODULE PARAMETERS) |
|
Line 117 name contains whitespace, each internal sequence of wh
|
Line 137 name contains whitespace, each internal sequence of wh
|
| changed into a single space, while leading or trailing whitespace will be |
changed into a single space, while leading or trailing whitespace will be |
| discarded. |
discarded. |
| |
|
| |
As with GLOBAL PARAMETERS, you may use references to environment variables in |
| |
the values of parameters. See the GLOBAL PARAMETERS section for more details. |
| |
|
| startdit() |
startdit() |
| |
|
| dit(bf(comment)) This parameter specifies a description string |
dit(bf(comment)) This parameter specifies a description string |
|
Line 127 dit(bf(path)) This parameter specifies the directory i
|
Line 150 dit(bf(path)) This parameter specifies the directory i
|
| filesystem to make available in this module. You must specify this parameter |
filesystem to make available in this module. You must specify this parameter |
| for each module in tt(rsyncd.conf). |
for each module in tt(rsyncd.conf). |
| |
|
| |
You may base the path's value off of an environment variable by surrounding |
| |
the variable name with percent signs. You can even reference a variable |
| |
that is set by rsync when the user connects. |
| |
For example, this would use the authorizing user's name in the path: |
| |
|
| |
verb( path = /home/%RSYNC_USER_NAME% ) |
| |
|
| It is fine if the path includes internal spaces -- they will be retained |
It is fine if the path includes internal spaces -- they will be retained |
| verbatim (which means that you shouldn't try to escape them). If your final |
verbatim (which means that you shouldn't try to escape them). If your final |
| directory has a trailing space (and this is somehow not something you wish to |
directory has a trailing space (and this is somehow not something you wish to |
|
Line 197 to translate names, and that it is not possible for a
|
Line 227 to translate names, and that it is not possible for a
|
| resources. |
resources. |
| |
|
| dit(bf(munge symlinks)) This parameter tells rsync to modify |
dit(bf(munge symlinks)) This parameter tells rsync to modify |
| all incoming symlinks in a way that makes them unusable but recoverable | all symlinks in the same way as the (non-daemon-affecting) |
| (see below). This should help protect your files from user trickery when | bf(--munge-links) command-line option (using a method described below). |
| | This should help protect your files from user trickery when |
| your daemon module is writable. The default is disabled when "use chroot" |
your daemon module is writable. The default is disabled when "use chroot" |
| is on and the inside-chroot path is "/", otherwise it is enabled. |
is on and the inside-chroot path is "/", otherwise it is enabled. |
| |
|
|
Line 266 If the daemon fails to open the specified file, it wil
|
Line 297 If the daemon fails to open the specified file, it wil
|
| using syslog and output an error about the failure. (Note that the |
using syslog and output an error about the failure. (Note that the |
| failure to open the specified log file used to be a fatal error.) |
failure to open the specified log file used to be a fatal error.) |
| |
|
| |
This setting can be overridden by using the bf(--log-file=FILE) or |
| |
bf(--dparam=logfile=FILE) command-line options. The former overrides |
| |
all the log-file parameters of the daemon and all module settings. |
| |
The latter sets the daemon's log file and the default for all the |
| |
modules, which still allows modules to override the default setting. |
| |
|
| dit(bf(syslog facility)) This parameter allows you to |
dit(bf(syslog facility)) This parameter allows you to |
| specify the syslog facility name to use when logging messages from the |
specify the syslog facility name to use when logging messages from the |
| rsync daemon. You may use any standard syslog facility name which is |
rsync daemon. You may use any standard syslog facility name which is |
|
Line 293 attempted uploads will fail. If "read only" is false t
|
Line 330 attempted uploads will fail. If "read only" is false t
|
| be possible if file permissions on the daemon side allow them. The default |
be possible if file permissions on the daemon side allow them. The default |
| is for all modules to be read only. |
is for all modules to be read only. |
| |
|
| |
Note that "auth users" can override this setting on a per-user basis. |
| |
|
| dit(bf(write only)) This parameter determines whether clients |
dit(bf(write only)) This parameter determines whether clients |
| will be able to download files or not. If "write only" is true then any |
will be able to download files or not. If "write only" is true then any |
| attempted downloads will fail. If "write only" is false then downloads |
attempted downloads will fail. If "write only" is false then downloads |
| will be possible if file permissions on the daemon side allow them. The |
will be possible if file permissions on the daemon side allow them. The |
| default is for this parameter to be disabled. |
default is for this parameter to be disabled. |
| |
|
| dit(bf(list)) This parameter determines if this module should be | dit(bf(list)) This parameter determines whether this module is |
| listed when the client asks for a listing of available modules. By | listed when the client asks for a listing of available modules. In addition, |
| setting this to false you can create hidden modules. The default is | if this is false, the daemon will pretend the module does not exist |
| for modules to be listable. | when a client denied by "hosts allow" or "hosts deny" attempts to access it. |
| | Realize that if "reverse lookup" is disabled globally but enabled for the |
| | module, the resulting reverse lookup to a potentially client-controlled DNS |
| | server may still reveal to the client that it hit an existing module. |
| | The default is for modules to be listable. |
| |
|
| dit(bf(uid)) This parameter specifies the user name or user ID that |
dit(bf(uid)) This parameter specifies the user name or user ID that |
| file transfers to and from that module should take place as when the daemon |
file transfers to and from that module should take place as when the daemon |
| was run as root. In combination with the "gid" parameter this determines what |
was run as root. In combination with the "gid" parameter this determines what |
| file permissions are available. The default is uid -2, which is normally | file permissions are available. The default when run by a super-user is to |
| the user "nobody". | switch to the system's "nobody" user. The default for a non-super-user is to |
| | not try to change the user. See also the "gid" parameter. |
| |
|
| dit(bf(gid)) This parameter specifies the group name or group ID that | The RSYNC_USER_NAME environment variable may be used to request that rsync run |
| file transfers to and from that module should take place as when the daemon | as the authorizing user. For example, if you want a rsync to run as the same |
| was run as root. This complements the "uid" parameter. The default is gid -2, | user that was received for the rsync authentication, this setup is useful: |
| which is normally the group "nobody". | |
| |
|
| |
verb( uid = %RSYNC_USER_NAME% |
| |
gid = * ) |
| |
|
| |
dit(bf(gid)) This parameter specifies one or more group names/IDs that will be |
| |
used when accessing the module. The first one will be the default group, and |
| |
any extra ones be set as supplemental groups. You may also specify a "*" as |
| |
the first gid in the list, which will be replaced by all the normal groups for |
| |
the transfer's user (see "uid"). The default when run by a super-user is to |
| |
switch to your OS's "nobody" (or perhaps "nogroup") group with no other |
| |
supplementary groups. The default for a non-super-user is to not change any |
| |
group attributes (and indeed, your OS may not allow a non-super-user to try to |
| |
change their group settings). |
| |
|
| dit(bf(fake super)) Setting "fake super = yes" for a module causes the |
dit(bf(fake super)) Setting "fake super = yes" for a module causes the |
| daemon side to behave as if the bf(--fake-super) command-line option had |
daemon side to behave as if the bf(--fake-super) command-line option had |
| been specified. This allows the full attributes of a file to be stored |
been specified. This allows the full attributes of a file to be stored |
|
Line 388 be on to the clients.
|
Line 444 be on to the clients.
|
| See the description of the bf(--chmod) rsync option and the bf(chmod)(1) |
See the description of the bf(--chmod) rsync option and the bf(chmod)(1) |
| manpage for information on the format of this string. |
manpage for information on the format of this string. |
| |
|
| dit(bf(auth users)) This parameter specifies a comma and | dit(bf(auth users)) This parameter specifies a comma and/or space-separated |
| space-separated list of usernames that will be allowed to connect to | list of authorization rules. In its simplest form, you list the usernames |
| | that will be allowed to connect to |
| this module. The usernames do not need to exist on the local |
this module. The usernames do not need to exist on the local |
| system. The usernames may also contain shell wildcard characters. If | system. The rules may contain shell wildcard characters that will be matched |
| | against the username provided by the client for authentication. If |
| "auth users" is set then the client will be challenged to supply a |
"auth users" is set then the client will be challenged to supply a |
| username and password to connect to the module. A challenge response |
username and password to connect to the module. A challenge response |
| authentication protocol is used for this exchange. The plain text |
authentication protocol is used for this exchange. The plain text |
|
Line 399 usernames and passwords are stored in the file specifi
|
Line 457 usernames and passwords are stored in the file specifi
|
| "secrets file" parameter. The default is for all users to be able to |
"secrets file" parameter. The default is for all users to be able to |
| connect without a password (this is called "anonymous rsync"). |
connect without a password (this is called "anonymous rsync"). |
| |
|
| |
In addition to username matching, you can specify groupname matching via a '@' |
| |
prefix. When using groupname matching, the authenticating username must be a |
| |
real user on the system, or it will be assumed to be a member of no groups. |
| |
For example, specifying "@rsync" will match the authenticating user if the |
| |
named user is a member of the rsync group. |
| |
|
| |
Finally, options may be specified after a colon (:). The options allow you to |
| |
"deny" a user or a group, set the access to "ro" (read-only), or set the access |
| |
to "rw" (read/write). Setting an auth-rule-specific ro/rw setting overrides |
| |
the module's "read only" setting. |
| |
|
| |
Be sure to put the rules in the order you want them to be matched, because the |
| |
checking stops at the first matching user or group, and that is the only auth |
| |
that is checked. For example: |
| |
|
| |
verb( auth users = joe:deny @guest:deny admin:rw @rsync:ro susan joe sam ) |
| |
|
| |
In the above rule, user joe will be denied access no matter what. Any user |
| |
that is in the group "guest" is also denied access. The user "admin" gets |
| |
access in read/write mode, but only if the admin user is not in group "guest" |
| |
(because the admin user-matching rule would never be reached if the user is in |
| |
group "guest"). Any other user who is in group "rsync" will get read-only |
| |
access. Finally, users susan, joe, and sam get the ro/rw setting of the |
| |
module, but only if the user didn't match an earlier group-matching rule. |
| |
|
| |
See the description of the secrets file for how you can have per-user passwords |
| |
as well as per-group passwords. It also explains how a user can authenticate |
| |
using their user password or (when applicable) a group password, depending on |
| |
what rule is being authenticated. |
| |
|
| See also the section entitled "USING RSYNC-DAEMON FEATURES VIA A REMOTE |
See also the section entitled "USING RSYNC-DAEMON FEATURES VIA A REMOTE |
| SHELL CONNECTION" in bf(rsync)(1) for information on how handle an |
SHELL CONNECTION" in bf(rsync)(1) for information on how handle an |
| rsyncd.conf-level username that differs from the remote-shell-level |
rsyncd.conf-level username that differs from the remote-shell-level |
| username when using a remote shell to connect to an rsync daemon. |
username when using a remote shell to connect to an rsync daemon. |
| |
|
| dit(bf(secrets file)) This parameter specifies the name of | dit(bf(secrets file)) This parameter specifies the name of a file that contains |
| a file that contains the username:password pairs used for | the username:password and/or @groupname:password pairs used for authenticating |
| authenticating this module. This file is only consulted if the "auth | this module. This file is only consulted if the "auth users" parameter is |
| users" parameter is specified. The file is line based and contains | specified. The file is line-based and contains one name:password pair per |
| username:password pairs separated by a single colon. Any line starting | line. Any line has a hash (#) as the very first character on the line is |
| with a hash (#) is considered a comment and is skipped. The passwords | considered a comment and is skipped. The passwords can contain any characters |
| can contain any characters but be warned that many operating systems | but be warned that many operating systems limit the length of passwords that |
| limit the length of passwords that can be typed at the client end, so | can be typed at the client end, so you may find that passwords longer than 8 |
| you may find that passwords longer than 8 characters don't work. | characters don't work. |
| |
|
| |
The use of group-specific lines are only relevant when the module is being |
| |
authorized using a matching "@groupname" rule. When that happens, the user |
| |
can be authorized via either their "username:password" line or the |
| |
"@groupname:password" line for the group that triggered the authentication. |
| |
|
| |
It is up to you what kind of password entries you want to include, either |
| |
users, groups, or both. The use of group rules in "auth users" does not |
| |
require that you specify a group password if you do not want to use shared |
| |
passwords. |
| |
|
| There is no default for the "secrets file" parameter, you must choose a name |
There is no default for the "secrets file" parameter, you must choose a name |
| (such as tt(/etc/rsyncd.secrets)). The file must normally not be readable |
(such as tt(/etc/rsyncd.secrets)). The file must normally not be readable |
| by "other"; see "strict modes". | by "other"; see "strict modes". If the file is not found or is rejected, no |
| | logins for a "user auth" module will be possible. |
| |
|
| dit(bf(strict modes)) This parameter determines whether or not |
dit(bf(strict modes)) This parameter determines whether or not |
| the permissions on the secrets file will be checked. If "strict modes" is |
the permissions on the secrets file will be checked. If "strict modes" is |
|
Line 443 quote(itemization(
|
Line 542 quote(itemization(
|
| IP address and maskaddr is the netmask in dotted decimal notation for IPv4, |
IP address and maskaddr is the netmask in dotted decimal notation for IPv4, |
| or similar for IPv6, e.g. ffff:ffff:ffff:ffff:: instead of /64. All IP |
or similar for IPv6, e.g. ffff:ffff:ffff:ffff:: instead of /64. All IP |
| addresses which match the masked IP address will be allowed in. |
addresses which match the masked IP address will be allowed in. |
| it() a hostname. The hostname as determined by a reverse lookup will | it() a hostname pattern using wildcards. If the hostname of the connecting IP |
| be matched (case insensitive) against the pattern. Only an exact | (as determined by a reverse lookup) matches the wildcarded name (using the |
| match is allowed in. | same rules as normal unix filename matching), the client is allowed in. This |
| it() a hostname pattern using wildcards. These are matched using the | only works if "reverse lookup" is enabled (the default). |
| same rules as normal unix filename matching. If the pattern matches | it() a hostname. A plain hostname is matched against the reverse DNS of the |
| then the client is allowed in. | connecting IP (if "reverse lookup" is enabled), and/or the IP of the given |
| | hostname is matched against the connecting IP (if "forward lookup" is |
| | enabled, as it is by default). Any match will be allowed in. |
| )) |
)) |
| |
|
| Note IPv6 link-local addresses can have a scope in the address specification: |
Note IPv6 link-local addresses can have a scope in the address specification: |
|
Line 476 rejected. See the "hosts allow" parameter for more inf
|
Line 577 rejected. See the "hosts allow" parameter for more inf
|
| |
|
| The default is no "hosts deny" parameter, which means all hosts can connect. |
The default is no "hosts deny" parameter, which means all hosts can connect. |
| |
|
| |
dit(bf(reverse lookup)) Controls whether the daemon performs a reverse lookup |
| |
on the client's IP address to determine its hostname, which is used for |
| |
"hosts allow"/"hosts deny" checks and the "%h" log escape. This is enabled by |
| |
default, but you may wish to disable it to save time if you know the lookup will |
| |
not return a useful result, in which case the daemon will use the name |
| |
"UNDETERMINED" instead. |
| |
|
| |
If this parameter is enabled globally (even by default), rsync performs the |
| |
lookup as soon as a client connects, so disabling it for a module will not |
| |
avoid the lookup. Thus, you probably want to disable it globally and then |
| |
enable it for modules that need the information. |
| |
|
| |
dit(bf(forward lookup)) Controls whether the daemon performs a forward lookup |
| |
on any hostname specified in an hosts allow/deny setting. By default this is |
| |
enabled, allowing the use of an explicit hostname that would not be returned |
| |
by reverse DNS of the connecting IP. |
| |
|
| dit(bf(ignore errors)) This parameter tells rsyncd to |
dit(bf(ignore errors)) This parameter tells rsyncd to |
| ignore I/O errors on the daemon when deciding whether to run the delete |
ignore I/O errors on the daemon when deciding whether to run the delete |
| phase of the transfer. Normally rsync skips the bf(--delete) step if any |
phase of the transfer. Normally rsync skips the bf(--delete) step if any |
|
Line 502 The format is a text string containing embedded single
|
Line 620 The format is a text string containing embedded single
|
| sequences prefixed with a percent (%) character. An optional numeric |
sequences prefixed with a percent (%) character. An optional numeric |
| field width may also be specified between the percent and the escape |
field width may also be specified between the percent and the escape |
| letter (e.g. "bf(%-50n %8l %07p)"). |
letter (e.g. "bf(%-50n %8l %07p)"). |
| |
In addition, one or more apostrophes may be specified prior to a numerical |
| |
escape to indicate that the numerical value should be made more human-readable. |
| |
The 3 supported levels are the same as for the bf(--human-readable) |
| |
command-line option, though the default is for human-readability to be off. |
| |
Each added apostrophe increases the level (e.g. "bf(%''l %'b %f)"). |
| |
|
| The default log format is "%o %h [%a] %m (%u) %f %l", and a "%t [%p] " |
The default log format is "%o %h [%a] %m (%u) %f %l", and a "%t [%p] " |
| is always prefixed when using the "log file" parameter. |
is always prefixed when using the "log file" parameter. |
|
Line 512 rsyncstats.)
|
Line 635 rsyncstats.)
|
| The single-character escapes that are understood are as follows: |
The single-character escapes that are understood are as follows: |
| |
|
| quote(itemization( |
quote(itemization( |
| it() %a the remote IP address | it() %a the remote IP address (only available for a daemon) |
| it() %b the number of bytes actually transferred |
it() %b the number of bytes actually transferred |
| it() %B the permission bits of the file (e.g. rwxrwxrwt) |
it() %B the permission bits of the file (e.g. rwxrwxrwt) |
| it() %c the total size of the block checksums received for the basis file (only when sending) |
it() %c the total size of the block checksums received for the basis file (only when sending) |
| |
it() %C the full-file MD5 checksum if bf(--checksum) is enabled or a file was transferred (only for protocol 30 or above). |
| it() %f the filename (long form on sender; no trailing "/") |
it() %f the filename (long form on sender; no trailing "/") |
| it() %G the gid of the file (decimal) or "DEFAULT" |
it() %G the gid of the file (decimal) or "DEFAULT" |
| it() %h the remote host name | it() %h the remote host name (only available for a daemon) |
| it() %i an itemized list of what is being updated |
it() %i an itemized list of what is being updated |
| it() %l the length of the file in bytes |
it() %l the length of the file in bytes |
| it() %L the string " -> SYMLINK", " => HARDLINK", or "" (where bf(SYMLINK) or bf(HARDLINK) is a filename) |
it() %L the string " -> SYMLINK", " => HARDLINK", or "" (where bf(SYMLINK) or bf(HARDLINK) is a filename) |
|
Line 589 the sender.
|
Line 713 the sender.
|
| |
|
| dit(bf(pre-xfer exec), bf(post-xfer exec)) You may specify a command to be run |
dit(bf(pre-xfer exec), bf(post-xfer exec)) You may specify a command to be run |
| before and/or after the transfer. If the bf(pre-xfer exec) command fails, the |
before and/or after the transfer. If the bf(pre-xfer exec) command fails, the |
| transfer is aborted before it begins. | transfer is aborted before it begins. Any output from the script on stdout (up |
| | to several KB) will be displayed to the user when aborting, but is NOT |
| | displayed if the script returns success. Any output from the script on stderr |
| | goes to the daemon's stderr, which is typically discarded (though see |
| | --no-detatch option for a way to see the stderr output, which can assist with |
| | debugging). |
| |
|
| The following environment variables will be set, though some are |
The following environment variables will be set, though some are |
| specific to the pre-xfer or the post-xfer environment: |
specific to the pre-xfer or the post-xfer environment: |
|
Line 602 quote(itemization(
|
Line 731 quote(itemization(
|
| it() bf(RSYNC_USER_NAME): The accessing user's name (empty if no user). |
it() bf(RSYNC_USER_NAME): The accessing user's name (empty if no user). |
| it() bf(RSYNC_PID): A unique number for this transfer. |
it() bf(RSYNC_PID): A unique number for this transfer. |
| it() bf(RSYNC_REQUEST): (pre-xfer only) The module/path info specified |
it() bf(RSYNC_REQUEST): (pre-xfer only) The module/path info specified |
| by the user (note that the user can specify multiple source files, | by the user. Note that the user can specify multiple source files, |
| so the request can be something like "mod/path1 mod/path2", etc.). | so the request can be something like "mod/path1 mod/path2", etc. |
| it() bf(RSYNC_ARG#): (pre-xfer only) The pre-request arguments are set |
it() bf(RSYNC_ARG#): (pre-xfer only) The pre-request arguments are set |
| in these numbered values. RSYNC_ARG0 is always "rsyncd", and the last | in these numbered values. RSYNC_ARG0 is always "rsyncd", followed by |
| value contains a single period. | the options that were used in RSYNC_ARG1, and so on. There will be a |
| | value of "." indicating that the options are done and the path args |
| | are beginning -- these contain similar information to RSYNC_REQUEST, |
| | but with values separated and the module name stripped off. |
| it() bf(RSYNC_EXIT_STATUS): (post-xfer only) the server side's exit value. |
it() bf(RSYNC_EXIT_STATUS): (post-xfer only) the server side's exit value. |
| This will be 0 for a successful run, a positive value for an error that the |
This will be 0 for a successful run, a positive value for an error that the |
| server generated, or a -1 if rsync failed to exit properly. Note that an |
server generated, or a -1 if rsync failed to exit properly. Note that an |
|
Line 621 module's uid/gid setting) without any chroot restricti
|
Line 753 module's uid/gid setting) without any chroot restricti
|
| |
|
| enddit() |
enddit() |
| |
|
| |
manpagesection(CONFIG DIRECTIVES) |
| |
|
| |
There are currently two config directives available that allow a config file to |
| |
incorporate the contents of other files: bf(&include) and bf(&merge). Both |
| |
allow a reference to either a file or a directory. They differ in how |
| |
segregated the file's contents are considered to be. |
| |
|
| |
The bf(&include) directive treats each file as more distinct, with each one |
| |
inheriting the defaults of the parent file, starting the parameter parsing |
| |
as globals/defaults, and leaving the defaults unchanged for the parsing of |
| |
the rest of the parent file. |
| |
|
| |
The bf(&merge) directive, on the other hand, treats the file's contents as |
| |
if it were simply inserted in place of the directive, and thus it can set |
| |
parameters in a module started in another file, can affect the defaults for |
| |
other files, etc. |
| |
|
| |
When an bf(&include) or bf(&merge) directive refers to a directory, it will read |
| |
in all the bf(*.conf) or bf(*.inc) files (respectively) that are contained inside |
| |
that directory (without any |
| |
recursive scanning), with the files sorted into alpha order. So, if you have a |
| |
directory named "rsyncd.d" with the files "foo.conf", "bar.conf", and |
| |
"baz.conf" inside it, this directive: |
| |
|
| |
verb( &include /path/rsyncd.d ) |
| |
|
| |
would be the same as this set of directives: |
| |
|
| |
verb( &include /path/rsyncd.d/bar.conf |
| |
&include /path/rsyncd.d/baz.conf |
| |
&include /path/rsyncd.d/foo.conf ) |
| |
|
| |
except that it adjusts as files are added and removed from the directory. |
| |
|
| |
The advantage of the bf(&include) directive is that you can define one or more |
| |
modules in a separate file without worrying about unintended side-effects |
| |
between the self-contained module files. |
| |
|
| |
The advantage of the bf(&merge) directive is that you can load config snippets |
| |
that can be included into multiple module definitions, and you can also set |
| |
global values that will affect connections (such as bf(motd file)), or globals |
| |
that will affect other include files. |
| |
|
| |
For example, this is a useful /etc/rsyncd.conf file: |
| |
|
| |
verb( port = 873 |
| |
log file = /var/log/rsync.log |
| |
pid file = /var/lock/rsync.lock |
| |
|
| |
&merge /etc/rsyncd.d |
| |
&include /etc/rsyncd.d ) |
| |
|
| |
This would merge any /etc/rsyncd.d/*.inc files (for global values that should |
| |
stay in effect), and then include any /etc/rsyncd.d/*.conf files (defining |
| |
modules without any global-value cross-talk). |
| |
|
| manpagesection(AUTHENTICATION STRENGTH) |
manpagesection(AUTHENTICATION STRENGTH) |
| |
|
| The authentication protocol used in rsync is a 128 bit MD4 based |
The authentication protocol used in rsync is a 128 bit MD4 based |
|
Line 706 url(http://rsync.samba.org/)(http://rsync.samba.org/)
|
Line 894 url(http://rsync.samba.org/)(http://rsync.samba.org/)
|
| |
|
| manpagesection(VERSION) |
manpagesection(VERSION) |
| |
|
| This man page is current for version 3.0.9 of rsync. | This man page is current for version 3.1.0 of rsync. |
| |
|
| manpagesection(CREDITS) |
manpagesection(CREDITS) |
| |
|
| rsync is distributed under the GNU public license. See the file | rsync is distributed under the GNU General Public License. See the file |
| COPYING for details. |
COPYING for details. |
| |
|
| The primary ftp site for rsync is |
The primary ftp site for rsync is |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to rsyncd.conf.yo CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / rsync